Submitted by Sestini & Co
| on Wed, 02/28/2018 - 9:03 | In Accounting and systems
With cybercrime on the increase, businesses need to ensure their clients’ information is secure. The EU’s GDPR will come into effect on 25 May 2018, replacing the Data Protection Directive 95/46/EC, bringing with it new rules in relation to security and privacy rights.
The new legislation will apply to all organisations in the EU, including the UK, even with Brexit on the horizon. It will give individuals more control over their personal data and more security to protect it. One of the biggest changes comes with the extended jurisdiction of the GDPR, as it applies to all companies processing the personal data of individuals residing in the Union, irrespective of the company’s location.
Organisations of all kinds will be more accountable and with penalties for non-compliance at £20m or 4% of annual turnover, this is something you need to be preparing for now.
What steps should you take to prepare for GDPR?
The ICO has produced a useful guide on preparing yourself for the GDPR. Some of the tips include:
- Awareness: Ensure key decision-makers are aware of the new law and that they appreciate the likely impact
- Document your data: Document what personal data you hold, where it came from and who you share it with.
- Review current privacy notices: put a plan in place ready for GDPR
- Individuals’ rights: review current procedures for deleting personal data or providing it electronically
- Access requests: plan how you will handle request within the new timescales
- Consent: refresh existing consents to ensure they comply with the GDPR
- Data breaches: make sure you have the right procedures in place to investigate this
- Data protection impact assessments: familiarise yourself with the ICO’s code of practice on Privacy Impact Assessments
- Data Protection Officers: consider whether you are required to formally designate a Data Protection Officer
- International: refer to Article 29 Working Party guidelines if your organisation operates in more than one EU member state.
Check out some of the upcoming seminars in Bristol and beyond
There are many options to choose from when it comes to getting external guidance on GDPR. Here are a couple that caught our eye:
GDPR for marketers – Keynsham, Bristol – 7th March. Book here.
GDPR for Small Businesses – Bristol – 13th March. Book here.
GDPR Seminar at Bath Expo – 16th March. Book here.
Organisations such as BusinessWest can also offer useful background and links to upcoming workshops.
Review your existing systems
Many accountancy firms rely on the security measures of current systems or are still using older systems, so now is a good time to review your processes and future-proof your business in order to stay compliant with GDPR. If you’d like to discuss how this might relate to your situation, call us on 01761 241 861 or email us today. We will be pleased to advise you on the accountancy aspects of GDPR or to invite you into our offices in Paulton, near Bristol and Bath, for a consultation.